Add IPv6 relay graphs to metrics site

added actualpoints::0.5 component::metrics/website core-tor-wants ipv6 owner::metrics-team points::1 priority::medium resolution::fixed severity::normal status::closed type::enhancement labels

I was about to ask for the same graphs. Until it gets implemented you can see current data here: https://nusenu.github.io/OrNetStats/#ipv6-relay-stats

I think we mainly care about Guard IPv6 ORPorts and Bridge IPv6 ORPorts and PTs at this stage. Later we might be interested in middle and exit ORPorts.

Also, knowing the breakdown of exit connections:

DNS, resolved to IPv4 and IPv6
DNS, resolved to IPv4 only
DNS, resolved to IPv6 only
DNS, connected via IPv4
DNS, connected via IPv6
Connected to IPv4 literal
Connected to IPv6 literal

And the number of entry connections:

Bridge via IPv4
Bridge via IPv6
Guard via IPv4
Guard via IPv6

Trac:

Alright, here's a first graph:

This graph shows various metrics of IPv6-capable relays over the past five weeks.

Explanation:

Going through the different line colors, the red line ("announced") includes all relays or bridges that put an IPv6 address into their server descriptor that they upload to the directory authorities or bridge authority.
The green line ("confirmed") only includes relays with IPv6 OR ports that the directory authorities found reachable and that they included in the votes and then the consensus. There is no green line for bridges, because the bridge authority either does not perform IPv6 reachability tests or does not include confirmed IPv6 addresses in its status.
The cyan line ("exiting") stands for relays claiming in their server descriptor that they permit IPv6 exiting to at least one TCP port.
The purple line ("missing") is only there for a technical reason, to show when we're missing server descriptors that are referenced from consensuses or bridge network statuses, which leads to us not knowing about the green or purple line. I'm yet unsure what to do in such cases.
Going through the graphs from top to bottom, cw_frac stands for consensus weight fraction. Note that this is a relay-only graph, just like the next few graphs.
The next three show guard/middle/exit probability of relays, which is consensus weight plus bandwidth weights like: Wgg - Weight for Guard-flagged nodes in the guard position.
The next two, relay_frac and bridge_frac, show the fraction of relays and bridges in numbers, and the last two, relays and bridges, show the absolute numbers.

A few conclusions:

Note the change towards the end of October when red and green lines converged. I believe that's related to the directory authorities fixing IPv6 stuff.
It's interesting that a higher fraction of relays in terms of exit probability permits exiting than has an announced or confirmed working IPv6 OR port. I didn't check in detail whether all relays with non-reject-all exit policy have a working IPv6 OR port.

Which of these graphs should we put on the Tor Metrics website? Note that this visualization shows 4 * 8 = 32 data sets, and there's no way we can put then all on the website, not even when combining some of them in one graph. We can easily pick two or three graphs, possibly with multiple lines in them, but we can't do more. Of course we can make the full CSV file available, so that people can make their own special graphs quite easily.

By the way, nusenu, thanks a lot for sharing your OrNetStats above. That was quite helpful when starting to write some code here. Cool stuff!

Hi Karsten, thanks, these look great!

Replying to karsten:

Alright, here's a first graph:

This graph shows various metrics of IPv6-capable relays over the past five weeks.

Explanation:

Going through the different line colors, the red line ("announced") includes all relays or bridges that put an IPv6 address into their server descriptor that they upload to the directory authorities or bridge authority.

The green line ("confirmed") only includes relays with IPv6 OR ports that the directory authorities found reachable and that they included in the votes and then the consensus. There is no green line for bridges, because the bridge authority either does not perform IPv6 reachability tests or does not include confirmed IPv6 addresses in its status.

The cyan line ("exiting") stands for relays claiming in their server descriptor that they permit IPv6 exiting to at least one TCP port.

The purple line ("missing") is only there for a technical reason, to show when we're missing server descriptors that are referenced from consensuses or bridge network statuses, which leads to us not knowing about the green or purple line. I'm yet unsure what to do in such cases.

Going through the graphs from top to bottom, cw_frac stands for consensus weight fraction. Note that this is a relay-only graph, just like the next few graphs.

The next three show guard/middle/exit probability of relays, which is consensus weight plus bandwidth weights like: Wgg - Weight for Guard-flagged nodes in the guard position.

The next two, relay_frac and bridge_frac, show the fraction of relays and bridges in numbers, and the last two, relays and bridges, show the absolute numbers.

A few conclusions:

Note the change towards the end of October when red and green lines converged. I believe that's related to the directory authorities fixing IPv6 stuff.

Yes. They'll appreciate seeing this change. And this means we should keep both the announced and confirmed lines, so we can check if they diverge again.

It's interesting that a higher fraction of relays in terms of exit probability permits exiting than has an announced or confirmed working IPv6 OR port. I didn't check in detail whether all relays with non-reject-all exit policy have a working IPv6 OR port.

Exiting is easy to configure, and works even if you have a dynamic IPv6 address. ORPorts need to be static and known at config time. We're working on making them easier.

Which of these graphs should we put on the Tor Metrics website? Note that this visualization shows 4 * 8 = 32 data sets, and there's no way we can put then all on the website, not even when combining some of them in one graph. We can easily pick two or three graphs, possibly with multiple lines in them, but we can't do more. Of course we can make the full CSV file available, so that people can make their own special graphs quite easily.

I would like to see a relay counts by IPv6 announced OR / IPv6 confirmed OR / IPv6 exiting / total (IPv4) OR. It would seem to fit with the other graphs on the servers page of metrics. I want to have these numbers because they are a useful overview, and because they affect things like the size of the consensus.

https://metrics.torproject.org/networksize.html

I would also like to see advertised bandwidth by confirmed guard IPv6 OR / confirmed middle IPv6 OR / confirmed exit IPv6 OR / IPv6 exiting / total (IPv4) OR. This could go with the other graphs on the traffic page of metrics. I want to have these numbers because they show us how easy it is for clients to use IPv6 to get in and out of the Tor Network, and they can help us decide when we can use more IPv6 between relays. (I don't want to graph observed bandwidth until we start logging separate IPv4 and IPv6 stats on ORPorts and exits, because I think it would be confusing.)

https://metrics.torproject.org/bandwidth.html

I've cc'd isis, because they will have a better idea of which IPv6 bridge stats would be useful. (I'd say "like the existing bridge stats", or "like the IPv6 relay stats", but I'd only be guessing.)

Trac:
Cc: N/A to isis

Trac:

Replying to teor:

Hi Karsten, thanks, these look great!

Great! And thanks for the detailed response below.

[...]

I would like to see a relay counts by IPv6 announced OR / IPv6 confirmed OR / IPv6 exiting / total (IPv4) OR. It would seem to fit with the other graphs on the servers page of metrics. I want to have these numbers because they are a useful overview, and because they affect things like the size of the consensus.

I guess that would be a graph like this:

It contains the same data as the long graph above.

I would also like to see advertised bandwidth by confirmed guard IPv6 OR / confirmed middle IPv6 OR / confirmed exit IPv6 OR / IPv6 exiting / total (IPv4) OR. This could go with the other graphs on the traffic page of metrics. I want to have these numbers because they show us how easy it is for clients to use IPv6 to get in and out of the Tor Network, and they can help us decide when we can use more IPv6 between relays. (I don't want to graph observed bandwidth until we start logging separate IPv4 and IPv6 stats on ORPorts and exits, because I think it would be confusing.)

This one was a bit harder:

The five lines in these graph are:

Total (IPv4) OR: Total advertised bandwidth of all running relays in the network, so far so good.
Confirmed guard IPv6 OR: Total advertised bandwidth of all running relays with a confirmed reachable IPv6 OR address and with the Guard flag.
Confirmed middle IPv6 OR: Total advertised bandwidth of all running relays with a confirmed reachable IPv6 OR address and with neither Guard nor Exit flag.
Confirmed exit IPv6 OR: Total advertised bandwidth of all running relays with a confirmed reachable IPv6 OR address and with the Exit flag.
IPv6 exiting: Total advertised bandwidth of all running relays with a configured IPv6 exit policy that is not reject *:*.

Note that these lines are not independent. If suddenly a bunch of relays with confirmed reachable IPv6 OR addresses and with both Guard and Exit flag show up, the guard and exit lines will go up, even though clients will prefer them for either position based on the current Wxx bandwidth weights. I'm not trying to make this more complex than necessary. But maybe there's a way to pick slightly different set of lines that don't have this issue? Or maybe it's "just" a question of writing good enough documentation.

I've cc'd isis, because they will have a better idea of which IPv6 bridge stats would be useful. (I'd say "like the existing bridge stats", or "like the IPv6 relay stats", but I'd only be guessing.)

I'm curious! I'll hold back making graphs until I know what would be most useful.

The first graph looks great! And (edit:) the second graph tells me that the gap between Exit OR and exiting isn't that big. That's good news.

For the second graph, can we try showing confirmed IPv6 Guard OR advertised, confirmed Exit OR advertised, and exiting on IPv6 advertised, sort of like this existing graph:

https://metrics.torproject.org/bandwidth-flags.html

Can we show the Guard and Exit total (IPv4) advertised as well? (There's no equivalent to exiting, because the Exit flag implies an IPv4 exit policy.)

Edit: the second graph shows the Exit / exiting gap.

Trac:

Sounds good. Here's an updated second graph with the six lines you suggest:

That looks great! And it will help us track IPv6 growth.

Trac:

Replying to teor:

I've cc'd isis, because they will have a better idea of which IPv6 bridge stats would be useful. (I'd say "like the existing bridge stats", or "like the IPv6 relay stats", but I'd only be guessing.)

Maybe we don't need isis for this, because there's really not much data available for bridges and IPv6. For example, the bridge authority does not confirm reachability of IPv6 OR ports, so we can only use what bridges announce in their descriptors. And neither relay flags like Guard or Exit have a meaning for bridges, nor have exit policies. We also have no consensus weights for bridges. And measuring advertised bandwidth of bridges does not make as much sense, because there's no load balancing in place for bridges like there is for relays.

Basically, we only have "Total (IPv4) OR" and "IPv6 announced OR" for number of bridges supporting IPv6. Here they are together in a graph:

So, assuming these three graphs ("Number of relays supporting IPv6", Total advertised bandwidth by relays supporting IPv6", "Number of bridges supporting IPv6") are what we should add to Tor Metrics, would you mind suggesting some useful graph descriptions and other meta data? Basically, we'd need three new entries into this JSON document. If nothing comes to mind, we'll make up something, but I believe descriptions will be better if they're at least based on your suggestions.

I think it would help to have the number of IPv4 exits on the "Number of relays supporting IPv6" graph, which I have called "Relays by IP version" for consistency with the other graphs on that page. I have written the descriptions as if this change has been made.

Please see my branch feature23761 on https://github.com/teor2345/metrics-web.git for entries for these 3 graphs, and some supporting glossary updates.

I assume you'll need to add some actual code for these graphs, so I've marked the ticket as "needs revision". I only did basic validation of the graphs and glossary using jq and a browser.

edit: typo

Trac:
Status: new to needs_revision

Trac:
Points: N/A to 1
Actualpoints: N/A to 0.5

(This appears to be waiting on the metrics IPv6 module in #24218 (moved).)

Thanks for writing those descriptions! You're right that this ticket is currently waiting on #24218 (moved), which will take us weeks to complete.

I'd say let's revisit this ticket including the review of these descriptions until the aggregation code is in place.

Some very quick notes from skimming the patches:

Let's try to limit definitions to a single sentence. There's always more to say, but the question is whether the casual users wants to hear it. Let's pick the most important parts of a definition that is key to understand the graphs and throw out everything else that's less important.
Let's avoid tor developer slang like "ORPort" and write "OR port" instead. We can safely assume that 90% of Metrics website visitors have never seen a torrc.

Thanks again!

Add IPv6 relay graphs to metrics site

Child items 0

Activity